Re: port forwarding problem. Probably easy if you know how.

To: debian-user@lists.debian.org
Subject: Re: port forwarding problem. Probably easy if you know how.
From: Gilberto Villani Brito <linux@giboia.org>
Date: Tue, 25 Apr 2006 09:44:30 -0300
Message-id: <[🔎] 20060425094430.4bd7c8b6@giboia>
In-reply-to: <[🔎] 20060423132721.GA8753@topoi.pooq.com>
References: <[🔎] 20060423132721.GA8753@topoi.pooq.com>

Hi,

I think is better you use just:
# iptables -t nat -A PREROUTING --protocol tcp -d 216.138.195.194 --dport 27012 -j DNAT --to-destination 172.25.1.5:27012 --verbose
# iptables -t nat -A PREROUTING --protocol udp -d 216.138.195.194 --dport 27012 -j DNAT --to-destination 172.25.1.5:27012 --verbose
# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

I holp your ppp0 have ip 216.138.195.194.

Gilberto


On Sun, 23 Apr 2006 09:27:21 -0400
hendrik@topoi.pooq.com wrote:

> I'm running sarge on a vintage Pentium as a gateway machine for a home 
> network.
> 
> My machine was cracked last December and I reinstalled everything
> from scratch using a sarge netinstall CD. (I checked all scripts I 
> resurrect from the old system,  and recompiled all my *own* binaries 
> from original source code.  The script I mention below hasn't been 
> molested.)
> 
> I run the same script for port-forwarding and masquerading that I used 
> before the reinstall.
> 
> But it doesn't work.
> 
> Lines like
> 
> iptables -t nat -A PREROUTING --protocol tcp -d 216.138.195.194 --dport 27012 -j DNAT --to-destination 172.25.1.5:27012 --verbose
> iptables -t nat -A PREROUTING --protocol udp -d 216.138.195.194 --dport 27012 -j DNAT --to-destination 172.25.1.5:27012 --verbose
> iptables -t nat -A POSTROUTING --protocol udp -s 172.25.1.5 --sport 27012 -j SNAT --to-source 216.138.195.194:27012 --verbose
> iptables -t nat -A POSTROUTING --protocol tcp -s 172.25.1.5 --sport 27012 -j SNAT --to-source 216.138.195.194:27012 --verbose
> 
> have no effect at all (as checked by iptables --list)
> 
> but the line
> 
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> 
> works like a charm.
> 
> I suspect there's probably a missing kernel module.  But which one?
> And where do I find it?  The docs for iptables way that it will attampt 
> to load any necessary modules, so I presume a simple modprobe isn't 
> enough.  Or else that it doesn't try hard enough.
> 
> -- hendrik
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
>

Reply to:

References:
- port forwarding problem. Probably easy if you know how.
  - From: hendrik@topoi.pooq.com

Prev by Date: Re: Compaq Presario 2100 laptop, xorg no output on external VGA (projector), running Etch.
Next by Date: NIC Problems
Previous by thread: Re: port forwarding problem. Probably easy if you know how.
Next by thread: Re: port forwarding problem. Probably easy if you know how.
Index(es):
- Date
- Thread